Patent Issued for Quick-logon for computing device (USPTO 11765151): United Services Automobile Association
2023 OCT 05 (NewsRx) -- By a
The assignee for this patent, patent number 11765151, is
Reporters obtained the following quote from the background information supplied by the inventors: “The protection and security of customer information is vital from an organization’s perspective, not only to comply with applicable laws, but to earn and keep their customer’s trust. Enhanced security often comes at the cost of convenience for the user, such as by requiring the user to answer additional security questions or to provide a code generated from a token generator. Various methods are used in authenticating a user attempting to access an account. Security analysts have identified three authentication factors that can be used in making a positive identification: ownership, knowledge, and inherence. Elements used to verify the first factor, ownership, may include a phone, a security token, or a software token. Elements used to verify the knowledge factor may include a password, username, personal identification number (PIN) or answers to security questions. Elements used to verify the inherence factor may include biometric data.
“Verifying two of the factors, “two-factor authentication”, is commonly used to authenticate a user. For example, many applications on mobile devices require the user to enter a PIN, satisfying the knowledge factor, on a particular mobile device, satisfying the ownership factor. In some mobile devices, the ownership factor is generally assumed to be satisfied because many mobile devices such as smartphones are particular to one person. Thus an impersonator would be required not only to have the mobile device, but also to know the PIN in order to access the application. This enables users to simply input a PIN into an application on a mobile device to be authenticated.
“Personal computers (computing devices) pose additional complexities in authenticating users. Computing devices are commonly used by more than one person. Thus, it is not safe to assume that the identity of the computing device satisfies the ownership factor. Additionally, computing devices have been more easily compromised than other devices. Current solutions increase security, but are often inconvenient for users. For example, one solution includes providing users with some type of token, and requiring the user to prove that the user has the token such as by typing in a one-time code generated by the token, in combination with a username/password/PIN. Other solutions focus on the knowledge factor such as by requiring the user to answer additional security questions.”
In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “Disclosed herein are methods and systems for verifying a user’s identity on a personal computer using two-factor authentication. More particularly, the system utilizes a personal identification number input by a user, together with one or more of a secure browsing feature, a device fingerprint, and a token generator to authenticate the user on the computer.
“While multiple embodiments are disclosed, still other embodiments of the present invention will become apparent to those skilled in the art from the following detailed description, which shows and describes illustrative embodiments of the invention. As will be realized, the invention is capable of modifications in various aspects, all without departing from the scope of the present invention. Accordingly, the drawings and detailed description are to be regarded as illustrative in nature and not restrictive.
“The drawings have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be expanded or reduced to help improve the understanding of the embodiments of the present invention. Similarly, some components and/or operations may be separated into different blocks or combined into a single block for the purposes of discussion of some of the embodiments of the present invention. Moreover, while the invention is amenable to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and are described in detail below. The intention, however, is not to limit the invention to the particular embodiments described. On the contrary, the invention is intended to cover all modifications, equivalents, and alternatives falling within the scope of the invention as defined by the appended claims.”
The claims supplied by the inventors are:
“1. A method comprising: receiving session data from a computing device through a login attempt on a system associated with a user profile, the session data including a behavioral characteristic associated with inputs to at least one interface executing on the computing device; monitoring for security events on the computing device to determine a security health of the computing device; authenticating the login attempt of the system without further interaction with the computing device by: verifying a one-time code generated by a token generator on the computing device; verifying that the behavioral characteristic matches an expected behavior stored in the user profile within a threshold level; and verifying that the security health of the computing device is within a predetermined threshold.
“2. The method of claim 1, further comprising: monitoring interactions of a user with the computing device, wherein the interactions include browsing behavior.
“3. The method of claim 1, further comprising: verifying that the computing device is pre-registered.
“4. The method of claim 1, further comprising: requesting, from a user, a secure token to authenticate the user to engage in an activity.
“5. The method of claim 1, wherein the session data includes a user input to the computing device, wherein the user input is a fingerprint.
“6. The method of claim 1, wherein the behavioral characteristic includes browsing history.
“7. The method of claim 1, wherein the behavioral characteristic is associated with an operation of an application on the computing device.
“8. A non-transitory computer-readable medium storing instructions that, when executed by a computing system, cause the computing system to perform operations comprising: receiving session data from a computing device through a login attempt on a system associated with a user profile, the session data including a behavioral characteristic associated with inputs to at least one interface executing on the computing device; monitoring for security events on the computing device to determine a security health of the computing device; authenticating the login attempt of the system without further interaction with the computing device by: verifying a one-time code generated by a token generator on the computing device; verifying that the behavioral characteristic matches an expected behavior stored in the user profile within a threshold level; and verifying that the security health of the computing device is within a predetermined threshold.
“9. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: monitoring interactions of a user with the computing device, wherein the interactions include browsing behavior.
“10. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: verifying that the computing device is pre-registered.
“11. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: requesting, from a user, a secure token to authenticate the user to engage in an activity.
“12. The non-transitory computer-readable medium of claim 8, wherein the session data includes a user input to the computing device, wherein the user input is a fingerprint.
“13. The non-transitory computer-readable medium of claim 8, wherein the behavioral characteristic includes browsing history.
“14. The non-transitory computer-readable medium of claim 8, wherein the behavioral characteristic is associated with an operation of an application on the computing device.
“15. A system comprising: one or more processors; and one or more memories storing instructions that, when executed by the one or more processors, cause the system to perform a process comprising: receiving session data from a computing device through a login attempt on a system associated with a user profile, the session data including a behavioral characteristic associated with inputs to at least one interface executing on the computing device; monitoring for security events on the computing device to determine a security health of the computing device; authenticating the login attempt of the system without further interaction with the computing device by: verifying a one-time code generated by a token generator on the computing device; verifying that the behavioral characteristic matches an expected behavior stored in the user profile within a threshold level; and verifying that the security health of the computing device is within a predetermined threshold.
“16. The system according to claim 15, wherein the process further comprises: monitoring interactions of a user with the computing device, wherein the interactions include browsing behavior.
“17. The system according to claim 15, wherein the process further comprises: verifying that the computing device is pre-registered.
“18. The system according to claim 15, wherein the process further comprises: requesting, from a user, a secure token to authenticate the user to engage in an activity.
“19. The system according to claim 15, wherein the session data includes a user input to the computing device, wherein the user input is a fingerprint.
“20. The system according to claim 15, wherein the behavioral characteristic includes browsing history, wherein the behavioral characteristic is associated with an operation of an application on the computing device.”
For more information, see this patent:
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Issued for Systems and methods for using tokenized and dynamic physical checks (USPTO 11763272): United Services Automobile Association
Westland Insurance acquires David H. Coons Insurance Brokers Ltd.
Advisor News
- The financial advisor’s guide to creating an effective value proposition
- Thrivent survey finds gap between financial fear and action
- 1 in 3 say it doesn’t make financial sense to retire in their location
- Help your clients navigate tax regulations
- CFP Board announces CEO leadership transition
More Advisor NewsAnnuity News
Health/Employee Benefits News
- Tom Campbell: State Health Plan status quo not acceptable
- Federal change cuts pay for state's mental health counselors
- Quality health insurance would be unaffordable for many Ohioans if a new tax passes
- UnitedHealth paying $20.25M to settle lawsuit alleging improper denial of certain medical claims
- Mass. hikes tax penalty for the uninsured
More Health/Employee Benefits NewsLife Insurance News
- Annual Report for Fiscal Year Ending December 31, 2024 (Form 40-F)
- NC yanks incentives for Charlotte-area firms that had pledged $200M investment, 900 jobs
- 2024 Annual Information Form (pa e q424 2024 aif)
- Earnings news release (pa e q424 earnings)
- Supplementary financial information (pa e q424 finsupp)
More Life Insurance News